Computer Security Chapter 4


Web Attacks Targeting Users

-Defaced Website
-Fake Website
-Fake Code

Protecting Websites Against Change

-Integrity Checksums
-Signed Code

Browser Attack Types

-Man-in-the-browser
-Keystroke Logger
-Page-in-the-Middle
-Program Download Substitution
-User-in-the-Middle

Successful Identification and Authentication

-Shared Secrets
-One-Time Passwords
-Out-of-Band Communication
-Continuous Authentication

Links to malicious web sites

Advertising potentially shady sites to a large number of people.

Dot-Dot-Slash

An attack that exploits utility programs on a web server.

SQL Injection

An attack that targets SQL servers by injecting commands to be manipulated by the database.

Cross-Site Scripting Attack

An online attack that occurs when a user visits a compromised Web site that runs a script that installs a keylogger program on the user's computer.

Malicious Web Content

-Substitute Content on a Real Web Site
-Web Bugs
-Clickjacking
-Drive-By Download

Keystroke Logger Attack

A type of spyware program that monitors keystrokes with the intent of stealing passwords, login IDs, or credit card information.

PGP

Pretty Good Privacy

S/MIME

Secure/Multipurpose Internet Mail Extensions

Drive-By Download

Software gets downloaded, installed, and executed on the user's computer without their permission, or even without their knowledge!

Substitute Content on a Real Web Site

Substituting real web content with fake content.

Page-in-the-Middle Attack

Can redirect the user to pages other than the one the user thinks they're connected to.

Server-Side Include

Instruction within an HTML page that directs the Web server to perform an action.

Man-in-the-browser Attack

Malicious code inserted into the browser itself (a Trojan horse) that can intercept almost anything the browser does.

Pump-and-dump

Manipulating the prices of "Penny Stocks" by altering demand on what is a limited-supply stock.

Malicious Payload

Misleading links that install malware on your computer.

MitB vs PitB

MitB more actively alters the communication stream during a legitimate connection; PitB typically redirects it to a different site.

Web Bugs

Typically, a combination of 1-x-1-pixel "images" (often the same color as their background, so they appear invisible) that, when used with tracking cookies, can keep track of which sites you have visited.

User-in-the-Middle Attack

A UitM attack gets users to solve a CAPTCHA that actually originated elsewhere; the UitM attacker then sends the solution to the CAPTCHA back to a site other than the one the user thought they were going to.

Phishing Attacks

Use e-mail messages to try to get users to disclose personal information. Spear phishing is a more refined version that uses social engineering to make the content seem more "trustworthy".

Clickjacking

What you're actually clicking on is hidden behind some other graphic.

Program Download Substitution Attack

When a user clicks on software to download / install and:
-The link misdirects them somewhere else.
-They get what they wanted with malware attached.

